How to Make Email Encryption Easier than Using WhatsApp or Signal

Posted
1 month, 1 week ago

Right now, when people think of seamless, end-to-end message encryption, they’re likely to think of WhatsApp (which has over a billion users) or Signal (which developed the baseline open source encryption technology). There’s a good reason for this: five years ago, when Signal was launched, it offered a pioneering commitment to both privacy and ease-of-use. "The choices we’re making, the app we're trying to create, it needs to be for people who don’t know how to enable airplane mode on their phone," Signal founder Moxie Marlinspike said in a recent Wired article—and it seems like the project has largely succeeded in setting a high standard for ease-of-use.

This potent combination has even led some organizations to adopt Signal for official communications (most recently, the European Commission), and it’s even led some commentators to wonder whether email is in its death throes as a result of these increasingly widespread messaging apps. “After all,” the reasoning goes, “why use a system like email that’s difficult to encrypt end-to-end—especially when these other solutions exist and are so much easier to use?”

It’s a reasonable question, but it’s built upon a fallacy. End-to-end email encryption isn’t just possible, it’s a huge opportunity for businesses to fight off CEO fraud, spying, and phishing—but it needs to be built with enough automation that “people who don’t know how to enable airplane mode” can use it with ease.

How Does Signal Encrypt Your Messages?

Before we get into what’s possible in email encryption, let’s take a second to go over how Signal actually encrypts communication for its users. Essentially, when a user downloads the app, Signal’s system automatically generates public and private keys. When the user wants to exchange a message with another Signal user, the app encrypts the message using the Signal Protocol (the same protocol that WhatsApp claims to use), then facilitates a key exchange to decrypt it on the other end. A central Signal server maintains public keys, but private encryption keys remain particular to their users, meaning that Signal itself (to say nothing of hackers) can’t decrypt the messages as they’re in transit. The only manual step a user has to take is the scanning of a QR code or the comparison of a 60-digit safety number with the correspondent of the message to ensure that he/she is actually the person they intended to communicate with and not a man-in-the-middle.
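The safety-number check described above, as an added example that is not Signal's code or part of the original post: a simplified sketch in which each device hashes both public identity keys into a 60-digit number, so a substituted key shows up as a mismatch when the two users compare. The key bytes, user IDs and iteration count are constructed for illustration.

```python
import hashlib

ITERATIONS = 5200  # assumption: repeated hashing makes forging a matching number costly


def fingerprint(identity_key: bytes, user_id: str) -> str:
    """Derive 30 decimal digits from one party's public identity key."""
    digest = identity_key + user_id.encode()
    for _ in range(ITERATIONS):
        digest = hashlib.sha512(digest + identity_key).digest()
    # Six 5-byte chunks, each reduced to a zero-padded 5-digit group.
    groups = (int.from_bytes(digest[i:i + 5], "big") % 100_000 for i in range(0, 30, 5))
    return "".join(f"{g:05d}" for g in groups)


def safety_number(my_key: bytes, my_id: str, their_key: bytes, their_id: str) -> str:
    """60 digits; sorting the two halves makes both devices display the same number."""
    return "".join(sorted([fingerprint(my_key, my_id), fingerprint(their_key, their_id)]))


def fake_public_key(label: str) -> bytes:
    """Constructed stand-in for a 32-byte public key (not a real key)."""
    return hashlib.sha256(label.encode()).digest()


ALICE, BOB, MALLORY = (fake_public_key(n) for n in ("alice", "bob", "mallory"))


def honest_session():
    """Each device received the other's genuine public key from the server."""
    on_alice = safety_number(ALICE, "alice", BOB, "bob")
    on_bob = safety_number(BOB, "bob", ALICE, "alice")
    return on_alice, on_bob


def intercepted_session():
    """Each device was handed a third party's key in place of the real peer's key."""
    on_alice = safety_number(ALICE, "alice", MALLORY, "bob")
    on_bob = safety_number(BOB, "bob", MALLORY, "alice")
    return on_alice, on_bob


if __name__ == "__main__":
    for name, (a, b) in (("honest", honest_session()), ("intercepted", intercepted_session())):
        print(f"{name:12} match={a == b}\n  alice sees {a}\n  bob sees   {b}")
```

The comparison only helps if the two numbers are exchanged over a channel the key server does not control, such as in person or by scanning the QR code.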

The technology is open source and peer-to-peer, meaning that there are no backdoors and your privacy (as well as the authenticity and confidentiality of your communications) is maintained throughout.

Wouldn’t it be nice if email could work this way as well?

Signal vs. WhatsApp

Based on the above, you can probably imagine why some people want to let email go the way of GeoCities and those free AOL installation CD-ROMs. In practice, human error or indifference represents the biggest cyber-security risk factor for most organizations, and any system that takes human error out of the equation will be more secure as a result. This means fewer phishing attacks, less CEO fraud, and less business email (or message) compromise in general.

And, of course, Signal isn’t the only option for users and admins who are prioritizing ease-of-use above all else. WhatsApp, for instance, has a much larger userbase than Signal, thanks to its integration with Facebook, which purchased the app in 2014 for US$19 billion. While WhatsApp claims to use the same encryption technology, it does not share the source code for all to verify that it does what it says, and it does collect and save some metadata and other information from its users, which then goes back to Facebook—meaning that while their security standards are high, their privacy standards are another matter altogether. Still, the app has become popular enough to at least compete with email in any number of professional organizations. Often, that takes the form of shadow IT (i.e. technology that’s being used without the explicit buy-in of the IT team or the C-suite), but there’s also an enterprise version that seeks to incorporate these encrypted messages into larger corporate communications structures.

Is Email Dead?

If Signal and WhatsApp with end-to-end encryption are so easy to use, and people are so quick to substitute these systems for email communications, then email must really be in its death throes, right? After all, we’ve been predicting the death of email for years, and it’s got to happen eventually—easy encryption and improved security seem like a better reason than most for CIOs to start transitioning their enterprises away from email altogether.

Not so fast.

As recently as two years ago, email usage across the EU was still growing, and studies have found that more than 80% of professionals list email as their preferred communication method for business. Much of this email usage is on mobile devices, which means that it’s often competing directly with messaging apps and still winning out—suggesting that at best it’s extremely premature to talk about a widespread move away from using email for corporate communications.

The growth of digitization is behind the new lifeline of email. While enterprises push further and further into the digital world, with confirmations, orders, airline tickets, and invoices being digitized, the role of e-mail has become more and more important as it serves as a delivery mechanism for all the above. Practically all e-commerce activities still require an e-mail address today.

This means that it’s increasingly critical from a cybersecurity perspective that enterprises find a way to manage their email securely, without requiring a Herculean effort from their users. Otherwise, CIOs run the risk that half of their company will be using unsanctioned shadow IT outside company control and monitoring, while the other half remains vulnerable to phishing, spear-phishing, whaling, and other tactics that hackers might use to steal users’ information and use it maliciously. The question is: how do you make this happen?

Why has e-mail lagged behind messaging in end-to-end encryption?

For one thing, e-mail was developed in a different time and it has several disadvantages compared to chat/messaging, especially when it comes to security.

E-mail is a federated, decentralized system with e-mail servers spread all over, from basements to company datacenters, to the cloud. Communication between the systems is asynchronous, meaning they’re not always connected.

By contrast, messaging platforms like WhatsApp or Signal run on a central server, where all the users have created an account. The communication between these accounts is synchronous, meaning they are always connected to each other.

These two items, centralization and synchronous communication, make it much easier to exchange encryption keys between users and streamline usability. But centralization comes with a huge drawback: anyone who can ‘take over’ or hack the central system will, sooner or later, have access to everything.

Closing the Ease-of-Use Gap

Open source, end-to-end encryption for email already exists, of course. There’s PGP (short for “Pretty Good Privacy”) and S/MIME, which enterprises can install on their Outlook accounts in order to provide encryption and manage keys/certificates by hand.

There are also encrypted hosted email services like ProtonMail, which is popular among people who do business in China and Russia (countries whose governments routinely use encryption backdoors to access businesses’ information).

Both of these solutions, however, present certain difficulties:

PGP requires complex setup procedures and manual key management, which most users do not understand and aren’t going to do diligently. S/MIME has similar issues and still suffers from the EFail problem.

Hosted services, like ProtonMail and others, offer encrypted e-mail accounts on their servers and only protect you when communicating with other users of the same service (the same as WhatsApp or Signal). In addition, these are central services, where you ultimately need to fully trust companies like ProtonMail (again like WhatsApp and Signal in messaging) as programmers and operators with full control, as well as the laws of the country they operate in. This model works only if everyone becomes a user of the service. This works if you’re as successful as WhatsApp, but these services are not compatible with corporate needs like anti-virus, data-loss-protection, etc.

What businesses really need for e-mail is something that’s as easy as or easier than WhatsApp or Signal, offers the same or a greater level of security, and works seamlessly with any existing set-up and with any e-mail provider, in-house or in the cloud.

What does this mean in practice?

Users sending and receiving e-mail the same way as before, without any additional clicks, but automatically achieving perfect encryption with correspondents wherever possible.

A peer-to-peer trust model, based on open source, end-to-end encryption, where companies can be in full control of their own privacy without relying on a central provider.

Fully automated key management on the same level as Signal or better—meaning that end users simply have to plug and play, rather than powering through laborious training tutorials and extensive setup simply in order to use their email correctly.

Protection beyond the text of messages, including attachments and metadata, in order to cover not just email phishing but document-based attacks and other malicious behavior.

In short, a solution that closes the ease-of-use gap with chat/messaging and offers its users an email encryption that’s easier and safer than Signal.

How p≡p Security Encrypts Email (Invisibly)

The solution to email security that we sketched out above might seem like a pipedream, but we can assure you that it’s eminently achievable for businesses around the world right now. How do we know? Because it’s exactly what p≡p Security offers its enterprise users.

p≡p is committed to “privacy by default,” which means that we offer:

Peer-to-peer trust and end-to-end encryption, with no special configuration required.

Automated key management that’s invisible to users—no training, no education, no special actions needed for any daily activities.

End-to-end, open source, peer-to-peer — your emails, metadata, and attachments are all protected end-to-end, and there’s no way for p≡p to read your messages.

Unlike Signal, p≡p operates without any central infrastructure via a totally decentralized set-up, wherein every enterprise is 100% in control of its information and secrets.

Unlike Signal, p≡p integrates with all the corporate security and monitoring infrastructure implemented within corporate environments.

So, in the end, p≡p makes e-mail catch up with the best end-to-end encrypted messenger apps and even exceeds them in ease-of-use and security. Integration is seamless, and p≡p manages everything from behind the scenes.

And those users who don’t know how to put their phones on airplane mode? All of a sudden they become a hacker’s worst nightmare.